Featured Post

Most data breaches from inside the organizations are still due to unfettered database access. It is critical for any executive to have a basic understanding of what database controls look like from a practical standpoint and understand off-the-radar areas of data breach risk.

The best cybersecurity and privacy regimes will never work if your team members do not actively protect company efforts. Here is the precursor to how top-down security infrastructures have shortcomings. Instead, think how you can drive security from the ground up: with the support of each and every team member that contributes to your project. Here are seven key tips.

Perimeter security has historically provided the analogy of protecting the keys to the kingdom for Enterprises. However once you are in the castle (or the network) you are anonymous and lose identity. Hence, spies were so effective in these environments in the eons past, and hackers in the current era.

We have built and/or integrated various Machine Learning models over the years within the Financial Services. The success of these projects generally lie in tight requirements and good data quality. Following are some takeaways based on NLP work we did for an investment bank’s trading desk based in NYC (used with permission of course). Reason to delve deeper into this case study is to illustrate real-life challenges and explain why it will take time for Machine Learning and AI to be highly impactful on Wall Street.

Private Data makes its way into source code far more commonly than acknowledged. It is not uncommon to see sensitive data leaking via Github, Bitbucket, Jira and other Devops tools. With collaborative and offshore teams working concurrently on same code/branches/repos creates a perfect remedy where comments and other identifiers in code can expose highly sensitive company data.

Large number of businesses leverage offshore technology teams. However, very few of those remote extensions of technology teams have comparable data governance or policies in minimizing cyber-security risks as they deal with US and EU customer data.

Client facing Slack and Zoom channels are especially useful for the direct and safe communication and support environment. For this reason, these client-facing chat rooms can also act as sources of sensitive data leaks, commercial chatter that could affect stock price or highly confidential data that stays is memorialized in 'history'.

Many slack users are unaware of the permissions that may become enabled when third-party applications are linked with one’s Slack account. Typically, such permissions may encompass the ability to view information, post information, and carry out actions within a slack channel, thread, or direct message.

In the US alone, the overall cost of healthcare breaches in 2019 was US$ 11.8 billion (£9.2 billion) – more than double the 2018 figure, & healthcare breach discovery time is the longest for any industry. SOC2, ISO or HIPAA ain't cutting it when it comes to cyber security and privacy.

Slack's data security features in free or paid plans outside of Slack Enterprise Grid are not HIPAA compliant out of the box. Huge onus on users and organizations in conforming to HIPAA.

Polymer CEO, Yasir Ali, discusses privacy and security risks with @nav from neo4j in the era of work from home at the Connections Online Conference.

Equifax. Target. Marriot. Delta Airlines. Recognizable names of course, but as of late - perhaps for the wrong reasons. Every day, malicious actors take the web in search of valuable personal information, made available through the misguided handling of customer data by companies across the globe. When they come for your company, don't be surprised - almost 30% of organizations are likely to suffer at least one breach over the next 24 months.